Fergie's Tech Blog

Saturday, September 08, 2007

U.S. Toll in Iraq, Afghanistan

As of Saturday, Sept. 8, 2007, at least 3,760 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,071 died as a result of hostile action, according to the military's numbers.

The AP count is 12 higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

As of Saturday, Sept. 8, 2007, at least 372 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Sept. 1, 2007.

Chip Implants Linked to Animal Tumors

When the U.S. Food and Drug Administration approved implanting microchips in humans, the manufacturer said it would save lives, letting doctors scan the tiny transponders to access patients' medical records almost instantly. The FDA found "reasonable assurance" the device was safe, and a sub-agency even called it one of 2005's top "innovative technologies."

But neither the company nor the regulators publicly mentioned this: A series of veterinary and toxicology studies, dating to the mid-1990s, stated that chip implants had "induced" malignant tumors in some lab mice and rats.

"The transponders were the cause of the tumors," said Keith Johnson, a retired toxicologic pathologist, explaining in a phone interview the findings of a 1996 study he led at the Dow Chemical Co. in Midland, Mich.

Leading cancer specialists reviewed the research for The Associated Press and, while cautioning that animal test results do not necessarily apply to humans, said the findings troubled them. Some said they would not allow family members to receive implants, and all urged further research before the glass-encased transponders are widely implanted in people.

FBI Data Mining Reached Beyond Target Suspects

The F.B.I. cast a much wider net in its terrorism investigations than it has previously acknowledged by relying on telecommunications companies to analyze phone-call and e-mail patterns of the associates of Americans who had come under suspicion, according to newly obtained bureau records.

The documents indicate that the Federal Bureau of Investigation used secret demands for records to obtain data not only on individuals it saw as targets but also details on their “community of interest” — the network of people that the target in turn was in contact with. The bureau recently stopped the practice in part because of broader questions raised about its aggressive use of the records demands, which are known as national security letters, officials said Friday after being asked about it.

Friday, September 07, 2007

U.S. Toll in Iraq, Afghanistan

As of Friday, Sept. 7, 2007, at least 3,760 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,071 died as a result of hostile action, according to the military's numbers.

The AP count is 12 higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

As of Friday, Sept. 7, 2007, at least 372 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Sept. 1, 2007.

China's Cyber Army is Preparing to March on America, Says Pentagon

Chinese military hackers have prepared a detailed plan to disable America’s aircraft battle carrier fleet with a devastating cyber attack, according to a Pentagon report obtained by The Times.

The blueprint for such an assault, drawn up by two hackers working for the People’s Liberation Army (PLA), is part of an aggressive push by Beijing to achieve “electronic dominance” over each of its global rivals by 2050, particularly the US, Britain, Russia and South Korea.

China’s ambitions extend to crippling an enemy’s financial, military and communications capabilities early in a conflict, according to military documents and generals’ speeches that are being analysed by US intelligence officials. Describing what is in effect a new arms race, a Pentagon assessment states that China’s military regards offensive computer operations as “critical to seize the initiative” in the first stage of a war.

Filipino Action to Remove Porn Site Domain Name

In the Philippines, a fight against online pornography has developed, started by Catanduanes Rep. Joseph Santiago, chairman of the House committee on information and communications technology, who is supporting Sen. Loren Legarda in the war on computer pornography.

The fight against pornography involves the National Bureau of Investigation (NBI), according to Santiago, finding ways to remove the domain name of the Philippines’ top online portal with the help of Network Solutions, according to a report in Balita from the Philippines.

Santiago appears to be basing the possibility of removing the domain name on previous FBI efforts in the US in removing several domain names used by paedophiles to traffic in child porn.

ID Theft Research Group to Come Out of the Shadows

The Center for Identity Management and Information Protection (CIMIP) has kept a low profile since its inception over a year ago, but that's about to change: The public-private partnership that includes IBM, the U.S. Secret Service, and the FBI, has just broken ground on a new multi-million dollar secured facility, and next month will release some surprising findings about the bad guys behind identity theft.

Gary Gordon, executive director for CIMIP, says the organization will be presenting some interesting findings from two research projects to the Secret Service and the Bureau of Justice Assistance next week, and then will go public with those results at its "Identity Management and Information Protection: Research to Action" conference next month in McLean, Va.

China Shuts Down Data Centers and Server Farms in Internet Purge

China has shut down a large number of Internet data centers (IDCs) and server cabinets in recent weeks in its latest Internet purge, a source told Interfax today.

"The government began shutting down large IDCs across China last week," a Web site owner, who wished to remain anonymous, said. He said IDCs in Fujian, Henan and Shanghai had been closed.

The source believed the shutdowns were part of an Internet purge in preparation for the upcoming 17th National Congress of the Communist Party of China (CPC). He said accusations that Web sites contained illegal information were being used to justify the shutdowns. Server cabinets hosting Web sites subject to these accusations were also disabled. If an IDC was found to contain a number of Web sites accused of holding illegal information, then the entire facility would be taken offline, closing down all sites hosted at that particular IDC.

UK: Data Theft From Loans.co.uk

Police have confirmed Watford firm Loans.co.uk have contacted them regarding the possible theft of thousands of customers' personal details.

It is understood Herts police have investigated the theft of data, possibly including credit card numbers and bank account details, from the credit broker, based in Croxley Business Park.

Customers with Loans.co.uk have already been informed about the theft and the potential risk it puts them in.

Other customers have reported receiving hundreds of unwanted calls from credit card firms. It is understood they too have been contacted by Loans.co.uk and told their personal information was stolen and sold on.

U.S. Joint Staff Readies Cyber Operations Plan

Military officials are readying a new plan central to how U.S. forces will operate in cyberspace, according to the Joint Staff’s vice director for command, control, communications and computer systems.

Air Force Brig. Gen. Michael Basla said officials in his directorate, dubbed J-6, are developing what he called an “implementation plan” to complement the classified National Military Strategy for Cyberspace Operations. Senior Defense Department leaders approved that document last December.

U.S. Lawmakers Urge Delay in Domestic Spy Satellite Plan

Members of Congress and civil liberties groups demanded Thursday that the Homeland Security Department delay a new program that will let police and counterterrorism officers use powerful spy satellites above the United States.

"Privacy and civil liberties concerns were apparently an afterthought" when the Bush administration decided to give Homeland Security the authority to run the new program, Rep. Jane Harman, D-Calif., said at a House Homeland Security Committee hearing.

The Non-Defense Department

On July 18, Sunbelt Software came across a SQL command passed as a query within a URL belonging to an arm of a European country's military. With that, any visitor can pass queries in the URL straight to the back-end database and squeeze out any data, no password required.

At the time, the URL displayed what Sunbelt President Alex Eckelberry calls an "infantile" security screw-up: Namely, putting production code and a back-end database into the hands of anybody who wanders by. It was, in other words, a serious security vulnerability that even the most basic security policy should have forbidden, never mind the security policy of a major defense agency.

Sunbelt, of Clearwater, Fla., alerted security researchers from the country in question. They in turn assured Sunbelt that they would notify the defense agency.

End of story? Unfortunately not. Six weeks later, Sunbelt checked the site and found it was still a sitting duck, serving up military base information to any visitor who knows how to frame a SQL query, telling potential attackers exactly which database it was running and what operating system it was using, thereby painting a day-glow arrow toward the exact class of known vulnerabilities and exploits that could bring it to its knees.

Lord Justice Sedley's proposal to put everyone in the UK on a DNA database would be dependent on a British man's case against the UK at the European Court of Human Rights (ECHR), according to a privacy law expert.

Michael Marper is objecting to the retention of his DNA information on the Home Office's database, despite the fact that he has never been convicted of a crime. He has appealed through the English courts and the ECHR agreed earlier this year to hear his case.

The Singularity Summit 2007

In the coming decades, humanity will probably create a powerful artificial intelligence. The Singularity Institute at Stanford University is sponsoring a two-day summit to discuss this urgent challenge, both its opportunities and its risks.

Alum Charged With Hacking Into Texas A&M

A recent graduate of Texas A&M University is charged with hacking into the school's computer system and illegally accessing information on 88,000 current and former students, faculty and staff members.

Luis Castillo must appear before a magistrate judge Wednesday.

Federal prosecutors said Castillo, who graduated in December with a computer science degree, accessed the system in February and caused more than $5,000 in losses to the university. The school had to hire extra staff to minimize damage.

Castillo was charged with felony reckless damage to a protected computer and could face as many as five years in prison if convicted.

Thursday, September 06, 2007

Local: More Than 4,000 De Anza Students At Risk For ID Theft

De Anza College announced Thursday that thousands of former students might be at risk for identity fraud after an instructor's laptop computer, containing students' personal information, was stolen last month.

The Cupertino community college is attempting to contact 4,375 students and former students of the mathematics instructor to inform them that their personal information may be at risk. The computer contained the students' names, addresses, grades and in many cases Social Security numbers.

"Probably the bulk of them are Social Security numbers," said Foothill-De Anza Community College District spokeswoman Becky Bartindale.

xkcd: Madness Can't Be Far Away

China Seen as Honing Cyber-Attack Skills

The recent allegations that China has been hacking into sensitive government computer systems in the United States and Europe follow years of heavy investment by the People's Liberation Army in cyber-attack capabilities, U.S. defense officials and Asian security analysts said.

Although much of China's spending on information warfare remains secret, the Chinese military and its propaganda organs have regularly expressed their desire to develop computer warfare expertise and have boasted of their growing sophistication in the field, these experts said.

"There are intensive discussions in China about developing and perfecting their information warfare abilities," said Andrew Yang, a China military expert at the Taiwan-based Chinese Council of Advanced Policy Studies. "They have improved their tactics and approaches."

The U.S. military has alleged for nearly a year that China has launched cyber attacks on Pentagon networks. The issue returned to the spotlight this week after allegations, first reported by the Financial Times, that the PLA in June broke into an unclassified computer system used by the office of Defense Secretary Robert M. Gates. The breach forced the Pentagon to disable the computer system for several days.

U.S. Toll in Iraq

As of Thursday, Sept. 6, 2007, at least 3,752 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,065 died as a result of hostile action, according to the military's numbers.

The AP count is 10 higher than the Defense Department's tally, last updated Thursday at 10 a.m. EDT.

Terrorists Foil FBI Watchlist Due to 'Technical Glitch'

The FBI failed to put as many as 20 suspected terrorists on watch lists tailored to alert border agents and immigration officials because of a technology glitch, a Justice Department audit concluded Thursday.

It was not immediately clear whether any of the suspects entered the United States as a result of the security lapse.

Responding, the director of the FBI's Terrorist Screening Center acknowledged the gap, but said it soon will be fixed.

U.S. Tested Terrorist Data Program Using Real People's Names

A damning privacy audit of the U.S. Department of Homeland Security's "data-mining" activities has found tests conducted on a new computer program designed to identify potential terrorist suspects used real names and birth dates of people travelling across the U.S.-Canada border instead of dummy data.

Concerns about DHS's testing of its ADVISE data analysis system have dogged the agency since March, when the congressional Government Accountability Office first identified possible privacy violations.

"Like other data-mining applications, the ADVISE tool could misidentify or erroneously associate an individual with undesirable activity such as fraud, crime or terrorism," the GAO said in a report at the time.

Storm Worm Botnet More Powerful Than Top Supercomputers

The Storm worm botnet has grown so massive and far-reaching that it easily overpowers the world's top supercomputers.

That's the latest word from security researchers who are tracking the burgeoning network of Microsoft Windows machines that have been compromised by the virulent Storm worm, which has pounded the Internet non-stop for the past three months. Despite the wide-ranging estimates as to the size of the botnet, researchers tend to agree that it's one of the largest zombie grids they've ever seen -- one capable of doing great damage.

UK: A Crime is Committed Online Once Every 10 Seconds

More than three million online crimes were carried out last year, according to estimates published today. These included more than 200,000 cases of financial fraud, twice the official number of real-world robberies carried out during the same period.

The report was written by criminology firm 1871 Ltd and commissioned by online identity firm Garlik. It suggests that 60% of the online crimes committed last year, an estimated 1.9 million incidents, were ‘offences against the person’ including abusive or threatening emails, false or offensive accusations posted on websites and blackmail perpetrated over the internet.

According to the report, 90% of cybercrimes go unreported with victims deterred from coming forward as they wrongly believe the activity is not criminal or that the police will be unable or unwilling to investigate.

Judge Strikes Down Part of Patriot Act

A federal judge struck down parts of the revised USA Patriot Act on Thursday, saying investigators must have a court's approval before they can order Internet providers to turn over records without telling customers.

U.S. District Judge Victor Marrero said the government orders must be subject to meaningful judicial review and that the recently rewritten Patriot Act "offends the fundamental constitutional principles of checks and balances and separation of powers."

The American Civil Liberties Union had challenged the law, complaining that it allowed the FBI to demand records without the kind of court order required for other government searches.

The ACLU said it was improper to issue so-called national security letters, or NSLs - investigative tools used by the FBI to compel businesses to turn over customer information - without a judge's order or grand jury subpoena.

Goodbye, Network Neutrality: Feds OK Fee for Priority Web Traffic

The Justice Department on Thursday said Internet service providers should be allowed to charge a fee for priority Web traffic.

The agency told the Federal Communications Commission, which is reviewing high-speed Internet practices, that it is opposed to "Net neutrality," the principle that all Internet sites should be equally accessible to any Web user.

Several phone and cable companies, such as AT&T Inc., Verizon Communications Inc. and Comcast Corp., have previously said they want the option to charge some users more money for loading certain content or Web sites faster than others.

NIST Issues New Computer Security Guidelines for Active Content

The National Institute of Standards and Technology has updated its security guidelines for dealing with active content, providing an overview for active content and mobile code in use today and laying out a framework for making security decisions about its use within an organization.

Incorporating active content such as Java applets, JavaScript and other scripts, and macros can add to the functionality of documents, e-mails, Web pages and files in a wide variety of formats, but NIST calls their security vulnerabilities “insidious.” The expanding use of these technologies is becoming common in a range of products and services, on desktop computers, servers and gateway devices.

Wednesday, September 05, 2007

Singapore Exchange Hit by Another Computer Problem

Singapore Exchange Ltd. has warned investors not to rely on data provided for the Straits Times Index, one day after a computer inaccurately reported the value of the component stocks in the benchmark index.

The incident is the latest in a string of computer-related problems to hit the exchange this year.

"The Straits Times Index may not reflect fully the movement in its components. Market participants are advised not to rely on the figure until further notice," the exchange said on its Web site Thursday morning.

In Passing: Luciano Pavarotti

U.S. Toll in Iraq, Afghanistan

As of Wednesday, Sept. 5, 2007, at least 3,750 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,064 died as a result of hostile action, according to the military's numbers.

The AP count is nine higher than the Defense Department's tally, last updated Wednesday at 10 a.m. EDT.

As of Wednesday, Sept. 5, 2007, at least 372 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Sept. 1, 2007.

The criminals will move away from a scatter-gun approach and start targeting specific companies and people, the Australian Institute of Criminology report on directions in technology crime warns. It says the access card planned by the Federal Government will be a "likely target".

"Areas of risk will relate to dishonest initial enrolment of users as well as data insecurity, both with respect to the card's computer chip as well as supporting databases," it said.

Criminals might also try to compromise the quality of data protection for e-passports.

UK: London Tops the Charts in 'Card Not Present' Fraud

Card not present (CNP) fraud has soared in the UK and London is the number one hotspot, according to figures released by retail watchdog Early Warning.

According to the figures - which revealed CNP fraud shot up 22 per cent in the past year - central London postcodes saw the heaviest CNP activity, and are fast becoming known as the CNP fraud capital of Europe.

Trailing behind London in the CNP fraud top ten were Manchester, Coventry, Kilmarnock, Bristol, Brighton, Leicester, Leeds, Glasgow and Nottingham.

Chinese Cyberattacks Cause Damage, Embarrassment

China has rejected both the U.S. and German allegations, complaining of "wild accusations" which were "totally groundless and also reflect a Cold War mentality".

Sandra Bell, security analyst at the Royal United Services Institute in London, said the emergence of the two reports in consecutive weeks appeared to signal that Western governments were running out of patience with the alleged Chinese activity.

"It does seem the international community appears to be saying: 'We know who's doing this and we want it to stop,'" she said.

Two minutes after launching from the Baikonur Cosmodrome in Kazakhstan tonight, a Russian heavy-lifting Proton rocket suffered a malfunction of its second stage, leading to the destruction of the Japanese satellite payload riding aboard the booster.

Destroyed in tonight's launch accident was the JCSAT-11 communications spacecraft, the first commercial Japanese satellite to ever fly on Proton.

Built by Lockheed Martin, the 8,800-pound (4,000-kilogram) spacecraft was headed for geostationary orbit 22,300 miles (35,786 kilometers) above the equator. JSAT Corp. of Tokyo would have operated the satellite to provide telecommunications services to Japan, the Asia-Pacific region and Hawaii.

Titan Rain UK: How Chinese Hackers Targeted Whitehall

Chinese hackers, some believed to be from the People's Liberation Army, have been attacking the computer networks of British government departments, the Guardian has learned.

The attackers have hit the network at the Foreign Office as well as those in other key departments, according to Whitehall officials.

The Ministry of Defence declined yesterday to say whether it had been hit. An incident last year that shut down part of the House of Commons computer system, initially believed to be by an individual, was discovered to be the work of an organised Chinese hacking group, officials said.

Security and defence officials are coy about what they know of specific attacks. However, they say several Whitehall departments have fallen victim to China's cyberwarriors. One expert described it as a "constant ongoing problem".

Are Chinese Attacks Blunders?

Now the British press is reporting infiltration of Whitehall by the People’s Liberation Army. You have to ask yourself: is this just bad hacking on the part of the PLA? After all, a good cyber attack would either be super stealthy, thus undetected and never reported, or it would serve some purpose to be blatant and cause network outages.

If the recent incidents at the Pentagon, the German Chancellery, and now Whitehall are blunders, then it points to what is probably the tip of the iceberg. In other words, hacking by China is so prevalent that accidents happen and these few incidents get discovered. That is my current theory. The Chinese are very bold, there are no negative repercussions from being discovered, and they are probably still in the early phases of exploratory hacking just to see what happens and what can be gained from hacking.

The other theory that comes to mind is a little more disturbing. That would be that the Chinese are already so confident in their hacking ability that they are using attacks to demonstrate their ability.

UK: Thousands of e-Mails Lost in Spam Attack

Thousands of emails have been stuck in virtual limbo for days after a massive “spam attack” on the telecoms firm Onetel.

A large number of the firm’s 30,000 email customers have been unable to send or receive emails properly for more than a month and many say their complaints to Onetel appear to have fallen on deaf ears.

Frustrated by the company’s apparent delay in responding to their complaints, many say they have decided to switch to alternative providers.

Cisco Security Advisories

Cisco CallManager and Unified Communications Manager are vulnerable to cross-site scripting (XSS) and SQL injection attacks in the lang variable of the admin and user logon pages. A successful attack may allow an attacker to run JavaScript on computer systems connecting to CallManager or Unified Communications Manager servers, and has the potential to disclose information within the database.

The Cisco Content Switching Modules (CSM) and Cisco Content Switching Module with SSL (CSM-S) contain two vulnerabilities that can lead to a denial of service (DoS) condition. The first vulnerability exists when processing TCP packets, and the second vulnerability affects devices with service termination enabled.

DHS Chief: Cyber Security Efforts Are 'Classified'

Homeland Security Secretary Michael Chertoff on Wednesday largely dodged questions from a congressional committee about the department's cybersecurity operations, including whether its computers have ever faced attacks from Chinese hackers.

During wide-ranging testimony before the U.S. House of Representatives Homeland Security Committee here, Chertoff devoted only a few sentences to his department's charge of protecting the nation's computer systems from attack. He claimed he couldn't get into many of the details because of their "classified" nature.

"I can assure you we are working with other elements of the federal government and giving the highest priority to putting together an enhanced strategy with respect to cybersecurity," he told the politicians.

DHS has been publicly blasted by Congress and government auditors in the past for failing to live up to their expectations in the cybersecurity realm.

Judge Scolds U.S. on Wiretapping Records

A federal judge scolded the Bush administration Wednesday for responding with sometimes blanket secrecy to a request for documents on its warrantless wiretapping program.

Privacy groups and civil rights organizations sued the Justice Department last year, demanding it release documents under the Freedom of Information Act. The government refused to release most of the records, arguing that such a move could jeopardize national security and undermine terrorism investigations.

But U.S. District Judge Henry H. Kennedy Jr. said Wednesday that's not good enough.

"While the court is certainly sensitive to the government's need to protect classified information and its deliberative processes, essentially declaring 'because we say so' is an inadequate" defense, Kennedy wrote.

Off Beat: Nuclear Bombs Mistakenly Flown Over U.S.

A B-52 bomber was mistakenly armed with six nuclear warheads and flown for more than three hours across several states last week, prompting an Air Force investigation and the firing of one commander, Pentagon officials said Wednesday.

The incident was so serious that President Bush and Defense Secretary Robert Gates were quickly informed and Gates has asked for daily briefings on the Air Force probe, said Defense Department press secretary Geoff Morrell. He said, "At no time was the public in danger."

The Economist: Is Cyber Warfare a Serious Threat?

A decade or so ago, thinkers and pundits were fond of discussing the emerging threat of cyber attacks as a matter of international affairs. The growing reliance of advanced economies on the internet, and the increasing use of the internet by governments and armies, seemed to offer vulnerability along with riches and convenience. The scare of the “Y2K bug” seemed to highlight the danger, at least until it became obvious that the bug was of no threat to anyone.

Now, despite preoccupation with more old-fashioned sorts of terrorism and war, is there, again, reason to fret about the cyber sort? Revelations this year that hackers successfully broke into Pentagon computers, followed by off-the-record confirmation by officials speaking to the Financial Times this week that the assailants were connected to China’s army, have brought the issue back to the fore.

Tuesday, September 04, 2007

UK: Chinese Hackers Also 'Raid Whitehall Computers'

Hackers with links to China's military were last night accused of waging a long-term campaign to penetrate the computer networks of British government departments.

A day after China denied that it was the hidden hand behind hackers who breached Pentagon security networks in the US, "cyberwarriors" acting at the behest of the People's Liberation Army (PLA) were blamed for breaking into networks at the Foreign Office and other departments.

The "virtual" attacks on the Pentagon were described yesterday by experts as "a wake-up call" to those in charge of safeguarding the security of British governmental secrets. So-called "cyber attacks" on governmental networks in the UK by Chinese hackers are thought to have been going on for at least four years, according to a report in The Guardian.

The campaign was responsible for an incident last year that shut down part of the House of Commons computer system, according to Whitehall officials.

U.S. Toll in Iraq

As of Tuesday, Sept. 4, 2007, at least 3,741 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,065 died as a result of hostile action, according to the military's numbers.

The AP count is two higher than the Defense Department's tally, last updated Tuesday at 10 a.m. EDT.

FBI: Enterprises Need Counterintelligence

The Chinese government has this week denied involvement in a series of hacks carried out against IT systems at the Pentagon in June, but the threat of technology-driven espionage has forced the FBI to push businesses and academic institutions to better prepare for such attacks.

Little publicly-available evidence exists to prove that foreign governments have backed or planned to launch attempts to steal intellectual property from U.S. corporations and researchers, but officials with the FBI claim that the problem is real and that American organizations must begin policing their operations more aggressively today to prevent valuable data from being stolen tomorrow.

In October, the FBI's Counterintelligence Domain Program -- which aims to foster cooperation between the agency and private entities to help organizations identify and protect potential intelligence risks -- will mark its first year in existence.

Off Beat: Mideast Peace Through Porn

The Vietnam War-era slogan "Make love, not war" has been taken to its logical extreme by an Israeli pornographic website, which is engaged in a sort of cultural exchange of bodily fluids with the Arab world.

According to a recent report in Daily Variety, when executives at Ratuv installed software that could track where their users were logging in, they found that the site was getting thousands of hits a week from such countries as Syria, Saudi Arabia, Iran and Iraq, even though some of these governments block the ".il" domain address on Israeli websites. So Ratuv responded by translating the entire site into Arabic, and traffic quickly skyrocketed.

Monday, September 03, 2007

U.S. Toll in Iraq

As of Monday, Sept. 3, 2007, at least 3,740 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,061 died as a result of hostile action, according to the military's numbers.

The AP count is five higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

A man looking for a new home on an online mapping service has stumbled across an aerial image of a US nuclear-powered submarine in dry dock showing a part of the vessel that wasn't meant to be seen.

The image - which appears on Microsoft's Virtual Earth mapping service - is of the seven-bladed propeller used on an Ohio class ballistic missile submarine.

The vessel was being worked on at a dry dock at the Naval Base Kitsap-Bangor in Washington State, in the north-west of the United States. The base is part of Bangor's Strategic Weapons Facility Pacific which houses the largest nuclear weapons arsenal.

Propeller designs have been closely guarded secrets since the days of the Cold War. It is still common for them to be draped with tarps or removed and covered when a submarine is out of the water.

Image of the Day: Sorry We Missed You...

Beware: Enemy Attacks in Cyberspace

Lieutenant General Robert Elder, senior Air Force officer for cyberspace issues, recently joked that North Korea “must only have one laptop” to make the more serious point that every potential adversary – except Pyongyang – routinely scans US computer networks.

North Korea may be impotent in cyberspace, but its neighbour is not. The Chinese military sent a shiver down the Pentagon’s spine in June by successfully hacking into an unclassified network used by the top policy advisers to Robert Gates, the defence secretary.

While the People’s Liberation Army has been probing Pentagon networks hundreds of times a day for the past few years, the US is more alarmed at the growing frequency and sophistication of the attacks.

'Stupid' Vulnerabilities Reported in Oracle 11g

The latest version of Oracle Corp.'s flagship database offers better security than earlier versions, but development errors have left vulnerabilities that attackers can use to steal data, an expert warned Monday.

"Oracle made big progress with 11g, but some of the vulnerabilities I've found so far in 11g are stupid programming errors," said Alexander Kornbrust, managing director of Red Database Security GmbH, during an interview at the Hack In The Box (HITB) Security Conference 2007 in Kuala Lumpur, Malaysia.

Kornbrust, who helps large companies audit the security of their Oracle databases, examined the software and found SQL injection vulnerabilities, which allow attackers to run malicious code. He also uncovered a way to circumvent the auditing capability in 11g and other versions of the database, which could undermine a company's compliance efforts.

The History Of Labor Day

Most of the world marks Labor Day on May 1 with parades and rallies. Americans celebrate it in early September, by heading to the beach or firing up the grill. Why the discrepancy? Here's a hint: The answer would have been a great disappointment to Frederick Engels.

Engels, the co-author of The Communist Manifesto, had high hopes for May Day, which originated in the United States. When the socialist-dominated organization known as the Second International jumped on the American bandwagon and adopted May 1 as International Labor Day, Engels confidently expected the proletariats of Europe and America to merge into one mighty labor movement and sweep capitalism into the dustbin of history.

Things didn't work out that way, of course, and the divergent Labor Day celebrations are part of the story.

Analyst: Chinese Face Spy Scandal Fallout

A report suggesting that the Chinese military has hacked into German government computers could have a negative impact on the prospects in Western markets of Chinese equipment vendors Huawei Technologies Co. Ltd. and ZTE Corp., believes an analyst at Dresdner Kleinwort.

German news magazine Der Spiegel reported recently that computers in the German chancellery and the foreign, economic, and research ministries had been infected with Chinese spyware software, and German officials say they believe the hackers were linked to China's People's Liberation Army.

The incident overshadowed German Chancellor Angela Merkel's state visit last week to Chinese Premier Wen Jiabao.

But the ramifications could go far beyond international relations and even damage Chinese companies' prospects for IT and telecom contracts in the West, believes Dresdner Kleinwort analyst Per Lindberg.

Small Businesses Ignore Peril of Cybercrime

New research finds that small companies in Europe don't think that they're a prime target for cybercrime.

Nearly half of small companies think that cybercrime is an issue for larger enterprises, according to a new survey.

The study of 600 IT managers in small and medium enterprises (SMEs) across Europe found that 47 per cent of respondents assumed that they were too small for criminals to bother attacking them.

The research, carried out by polling company ICM, found that 58 per cent of European SMEs were simply 'not concerned' about becoming victims of cybercrime, despite almost three quarters (73 per cent) of them citing online access and availability as being critical to their businesses.

Sunday, September 02, 2007

U.S. Toll in Iraq

As of Sunday, Sept. 2, 2007, at least 3,738 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 3,061 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

Thousands in Minnesota Without Phone Service, Includes 911 Access

A fiber optic outage in Osseo shortly after noon Sunday quickly spread in the north and west metro, causing about 98,000 customers to lose some or all of their phone service.

There were reports out of Carver and Hennepin counties that 911 service was down for some customers, but Colleen Floyd, a spokeswoman for telephone service provider Embarq, said that is still being investigated.

About 70,000 Embarq customers did not have a dial tone at all and an additional 28,000 could not make or receive long-distance calls, Floyd said. Embarq is a former division of Sprint.